[VIM] AlstraSoft Web Host Directory XSS issue probably non-admin

Steven M. Christey coley at mitre.org
Thu May 25 20:53:03 EDT 2006


  BUGTRAQ:20060523 AlstraSoft Web Host Directory v1.2

Researcher says:

    Input data isn't filtered in the write a review box. This in turn
    can cause a XSS. For proof of concept, just try putting [XSS] in
    as the review text and then login in as the admin and view your
    review. Reviews have an option to be auto approved too.

Some vuln DBs appear to have omitted this, possibly due to the mention
"login in as the admin and view your review."  A more plausible
scenario is a regular user who writes a review, which is then approved
by the admin, theoretically triggering the XSS either when the admin
moderates the review.  Or, the auto-approve might inject the XSS
without moderator review.

Note here:


has "User Functions" which include "View/Post reviews for a hosting
company".  Given there's a separate section on "Admin Functions," I
would say that the XSS appears to be non-admin.

That's the interpretation I'm going with anyway; no idea whether the
original report was correct in the first place.

- Steve

More information about the VIM mailing list